Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router, Session Smart Conductor, and WAN Assurance Router products.
The security issue is tracked as CVE-2024-2973 and an attacker could exploit it to take full control of the device.
This configuration is essential to maintaining uninterrupted services and increasing resilience against unforeseen, disruptive events.
This makes the vulnerable configuration quite common in mission-critical network infrastructure, including in large enterprise environments, data centers, telecommunications, e-commerce, and government or public services.
Security updates were made available for Session Smart Router in versions 5.6.15, 6.1.9-lts, and 6.2.5-sts.
WAN Assurance Routers are patched automatically when connected to the Mist Cloud, but administrators of High-Availability clusters need to upgrade to SSR-6.1.9 or SSR-6.2.5.
Juniper also notes that upgrading Conductor nodes is enough to apply the fix automatically to connected routers, but routers should still be upgraded to the latest available version.
The vendor assures customers that the application of the fix does not disrupt the production traffic and it should have a minimal impact of roughly 30 seconds of downtime for web-based management and APIs.
No workarounds are avaialble for this vulnerability and the recommended action is limited to applying the available fixes.
Juniper products are an attractive target for hackers due to the critical and valuable environments they are deployed.
Last year, Juniper EX switches and SRX firewalls were targeted via an exploit chain involving four vulnerabilities, with the malicious activity observed less than a week after the vendor published the related bulletin.
A few months later, CISA warned about the active exploitation of the mentioned flaws taking larger proportions, urging federal agencies and critical organizations to apply the security updates within the next four days, an unusually short deadline for CISA alerts.
Critical GitLab bug lets attackers run pipelines as any user.
Hackers target new MOVEit Transfer critical auth bypass bug.
ASUS warns of critical remote authentication bypass on 7 routers.
Netgear WNR614 flaws allow device takeover, no fix available.
Exploit for critical Veeam auth bypass available, patch now.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Sun, 30 Jun 2024 15:15:20 +0000